Bug ID 1196224
Summary User Kerberos tickets are not refreshed or get destroyed after update to samba 4.15.4
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.3
Hardware x86-64
OS openSUSE Leap 15.3
Status NEW
Severity Critical
Priority P5 - None
Component Samba
Assignee samba-maintainers@SuSE.de
Reporter andreas.hauffe@tu-dresden.de
QA Contact samba-maintainers@SuSE.de
Found By ---
Blocker ---

User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
Build Identifier: 

At the end of January there was an update of Samba 4.13 to 4.15. Since then,
all our clients, which are Windows AD members, no longer keep the user
Kerberos tickets like before. Either the tickets are not refreshed or the
tickets are destroyed. This results in a crashed KDE Plasma in the morning when
the users try to log in again, since the clients/user accounts weren't able to
write to the kerberized NFS home mounts after the tickets got lost.

Reproducible: Always

Steps to Reproduce:
1. Configure PAM-Winbind for User logins
2. Wait some hours; the user tickets are no longer in the ticket cache
Actual Results:
Crashed KDE Plasma due to unwritable home mounts

Expected Results:
Refreshed user tickets in the ticket cache

smb.conf
[global]
    netbios name = ilr114l
    security = ADS
    workgroup = ILRW
    realm = ILRW.ING.DOM.TU-DRESDEN.DE
    dedicated keytab file = /etc/krb5.keytab
    kerberos method = secrets and keytab
    template homedir = /home/home_ilrw/%U
    template shell = /bin/bash
    winbind refresh tickets = yes
    winbind separator = +
    idmap config * : backend = tdb
    idmap config * : range = 2000-2999
    idmap config ILRW : backend = rid
    idmap config ILRW : range = 3000-9999 # UID from RID for ILRW
    idmap config DOM : backend = rid
    idmap config DOM : range = 10000-9999999 # UID from RID for DOM

krb5.conf
[libdefaults]
        default_realm = ILRW.ING.DOM.TU-DRESDEN.DE
        dns_lookup_realm = true
        dns_lookup_kdc = true
        ticket_lifetime = 24h
        renew_lifetime = 7d
        forwardable = true

[realms]
   ILRW.ING.DOM.TU-DRESDEN.DE = {
        auth_to_local = RULE:[1:$0@$1](ILRW\.ING\.DOM\.TU-DRESDEN\.DE@.*)s/\.ING\.DOM\.TU-DRESDEN\.DE@/+/
        auth_to_local = RULE:[1:$0@$1](DOM\.TU-DRESDEN\.DE@.*)s/\.TU-DRESDEN\.DE@/+/
        auth_to_local = DEFAULT
   }
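As an added illustration (not part of the bug report), the following Python script interprets the auth_to_local RULE lines from the krb5.conf above and shows which local account name each principal is mapped to, so the rules can be checked against the winbind separator "+" before relying on them for the NFS home mounts. The rule semantics it implements (MIT-style: [n:fmt] selects principals with n components, $0 is the realm, the formatted string must match the selector regexp in full, then a sed-like substitution is applied) and the sample principals are assumptions, not taken from the page.

```python
import re

# Assumed MIT krb5 auth_to_local semantics: RULE:[n:fmt](regexp)s/pat/repl/[g]
# Only the rule lines themselves come from the krb5.conf in the bug report.
RULE_RE = re.compile(r'^RULE:\[(\d+):([^\]]*)\]\((.*)\)s/(.*?)/(.*?)/(g?)$')

# The two RULE lines and the DEFAULT fallback exactly as configured above.
RULES = [
    r"RULE:[1:$0@$1](ILRW\.ING\.DOM\.TU-DRESDEN\.DE@.*)s/\.ING\.DOM\.TU-DRESDEN\.DE@/+/",
    r"RULE:[1:$0@$1](DOM\.TU-DRESDEN\.DE@.*)s/\.TU-DRESDEN\.DE@/+/",
    "DEFAULT",
]
DEFAULT_REALM = "ILRW.ING.DOM.TU-DRESDEN.DE"  # default_realm from [libdefaults]


def apply_rule(rule, components, realm):
    """Return the local name one rule yields for a principal, or None."""
    if rule == "DEFAULT":
        # DEFAULT only maps single-component principals of the default realm.
        if realm == DEFAULT_REALM and len(components) == 1:
            return components[0]
        return None
    m = RULE_RE.match(rule)
    if not m:
        raise ValueError("unparseable auth_to_local rule: " + rule)
    n, fmt, selector, pattern, repl, flag = m.groups()
    if len(components) != int(n):
        return None  # rule applies only to principals with exactly n components
    formatted = fmt.replace("$0", realm)
    for i, comp in enumerate(components, start=1):
        formatted = formatted.replace(f"${i}", comp)
    if re.fullmatch(selector, formatted) is None:
        return None  # selector regexp must match the whole formatted string
    return re.sub(pattern, repl, formatted, count=0 if flag else 1)


def map_principal(principal, rules=RULES):
    """Apply the rules in order; return the local name or None if none apply."""
    name, at, realm = principal.rpartition("@")
    if not at:
        return None  # no realm part: nothing to map
    components = name.split("/")
    for rule in rules:
        local = apply_rule(rule, components, realm)
        if local is not None:
            return local
    return None


if __name__ == "__main__":
    # Constructed sample principals (not from the report).
    for p in ("alice@ILRW.ING.DOM.TU-DRESDEN.DE", "bob@DOM.TU-DRESDEN.DE",
              "host/ilr114l.example@ILRW.ING.DOM.TU-DRESDEN.DE", "carol@OTHER.EXAMPLE"):
        print(p, "->", map_principal(p))
```

A principal of the ILRW realm maps to "ILRW+alice" and one of the DOM realm to "DOM+bob", matching the "DOMAIN+user" names that winbind produces with "winbind separator = +"; service principals and foreign realms map to nothing.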
